La Pampa Leaks Exposes 5.8M Uruguayan Citizen Records
La Pampa Leaks claimed compromise of Uruguay’s government-sponsored identity service managed by telecom provider Antel, exposing 5.8 million citizen records. The group is monetizing the data as a paid lookup service. Antel stated that passwords, signature PINs, private keys or credentials were not compromised.
A misconfigured government-sponsored identity service in Uruguay has exposed the records of 5.8 million citizens, according to public reporting on the La Pampa Leaks incident. The breach, which surfaced in late May 2026, involves data held by Antel, Uruguay’s state-owned telecommunications provider responsible for managing the national identity platform. The threat actor group La Pampa Leaks is now offering paid lookup access to the stolen citizen records on underground markets.
Available reporting describes the exposed information as identity data tied to roughly 5.8 million individuals, a figure that represents a significant portion of Uruguay’s population. Antel has publicly stated that passwords, signature PINs, private keys, and other credentials were not part of the compromised dataset. The incident highlights how government-backed identity infrastructure can become an attractive target for cybercriminals seeking to monetize bulk personal data through subscription-style lookup services rather than one-time dumps.
For executives and high-net-worth families with ties to Latin America or international business interests, the breach carries immediate operational and personal risk. Many affected individuals maintain financial accounts, property holdings, or corporate relationships that rely on the same identity details now circulating in criminal channels. Once such records surface for paid access, they accelerate targeted social engineering, account takeover attempts, and physical security threats against executives whose travel or family locations can be pieced together from government identity files.
The doxxing and identity-chain implications extend far beyond the initial exposure. Citizen records frequently contain linkages between national ID numbers, addresses, phone numbers, and email accounts. These connections allow attackers to map digital handles to real-world identities, creating pathways that cascade into gaming platforms, social media, and cloud services. Industry research from sources such as DoxxScan™ continuous monitoring indicates that credential leaks of this nature often fuel extended compromise chains, particularly when children’s gaming accounts reuse elements of household email or phone data. A single exposed government record can therefore anchor a persistent doxxing campaign that follows families across platforms and borders.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real-world identity, followed by no-subscription cleanup of exposed data.
- Enable continuous monitoring across 15B+ breach records and 100+ platforms so the next exposure surfaces within hours rather than months.
- Rotate any passwords associated with Uruguayan government or Antel services wherever they have been reused, and switch to authenticator-based 2FA on all critical accounts.
- Cover the entire household with DoxxScan family protection that extends to dependents and children’s gaming accounts, which frequently chain back to the same address or parent identity.
- For executives and family offices, engage hands-on remediation specialists who can issue targeted takedown requests to data brokers and underground marketplaces monetizing the leaked records.
Organizations and families cannot treat government data breaches as distant events when the exposed records directly fuel identity-chain attacks that persist for years. Starting with a structured assessment of current exposure provides the clearest path forward. DoxxScan by GalaxyWarden delivers continuous monitoring across 15B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and family coverage that includes children’s gaming accounts vulnerable to the same credential-stuffing and doxxing sequences seen in incidents like La Pampa Leaks.
Related breaches
Malaysia National Registration Department 22.5 Million — May 2022
A breach of Malaysia's National Registration Department exposed ~22.5 million citizen records, inclu…
Crunchbase Massive Personal Records Leak — January 2026
ShinyHunters exfiltrated approximately 2 million records from the business-intelligence platform Cru…
ADT 5.5–10 Million Customer Records Disclosed — April 2026
ADT confirmed unauthorized access to between 5.5 and 10 million customer records in April 2026. Expo…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →